trueCall - your nuisance call blocker - Screens malicious calls, unsolicited calls, unwanted sales calls, phone spam, robocalls - block cold calls - Works alongside the Do Not Call Register - Block unwanted calls - Stop silent calls - Make every call a true call!

Microsoft preps emergency IE patch for Wednesday release

Second out-of-cycle update in the last two months is imminent

By Gregg Keizer

December 16, 2008 (Computerworld) Microsoft Corp. announced today that it will issue an emergency patch tomorrow to quash a critical Internet Explorer bug that attackers have been exploiting for more than a week.

The advance warning came less than a week after Microsoft acknowledged that exploit code had gone public and was being used by hackers to hijack Windows PCs running IE.

Microsoft will deliver the out-of-cycle patch Wednesday at 1 p.m. Eastern time via its normal update mechanisms, including Windows Update, Microsoft Update and Windows Server Update Services (WSUS).

The update will be pegged "critical," the most serious ranking in Microsoft's four-step scoring system.

Even as it declared that it would release an emergency fix, Microsoft continued to downplay the threat. "At this time, we are aware only of attacks that attempt to use this vulnerability against Windows Internet Explorer 7," said company spokesman Christopher Budd in an e-mail today.

Initially, Microsoft and other security companies believed that only IE7 was vulnerable to attack, but on review, the company confirmed that all versions of its browser, including IE5.01, IE6 and IE8 Beta 2, contain the bug.

Last weekend, Microsoft researchers said that they had seen a "huge increase" in attacks, and that some were originating from legitimate Web sites. Another researcher added that about 6,000 infected sites were serving up exploits that target the IE vulnerability.

Also today, Microsoft confirmed that attacks could be launched through Outlook Express, a free e-mail client bundled with Windows XP. Because Outlook Express renders HTML-based messages using IE's engine, attackers could exploit the bug by getting users to open or view malicious messages.

This will be the second out-of-cycle patch from Microsoft in the last two months. In late October, it issued an emergency fix for a critical vulnerability in the Windows Server service; like IE's bug, that one had been actively exploited before Microsoft was able to come up with a patch.

According to today's advance notification, Microsoft will provide patches to users of Windows 2000, XP, Vista, Server 2003 and Server 2008 for IE5.01, IE6 and IE7. A separate patch will apparently be issued tomorrow for IE8 Beta 2, a preview version of Microsoft's next browser that is not officially on the support list.

Computer World Article

Energized by open source: Ditching closed apps spurred growth, utility says

By Thomas Hoffman

December 15, 2008 (Computerworld) Six-year-old BlueStar Energy Services Inc. doesn't have the kind of systems-baggage that saddles many older organizations. Still, the Chicago-based company found itself hindered by the rigidity of its core systems, which constrained its efforts to expand its customer base and offer new services.

Those barriers to growth led the company to embark on a bold effort to replace the bulk of its IT infrastructure -- including voice, e-mail and financial systems -- with open-source software. The initiative has been so successful that CEO Guy Morgan attributes much of the company's recent growth to it.

BlueStar's open-source push has been driven by Tom Keen, the company's chief technology officer since June 2006. While evaluating BlueStar's IT architecture and business systems as a consultant, Keen had seen an opportunity for open-source systems to provide the company's operations with greater flexibility and scalability while strengthening its ability to expand into new markets.

For example, the ERP system, which was written in Macromedia Inc.'s ColdFusion, suffered from scalability constraints. BlueStar supplies electricity to customers in Illinois, Maryland and Washington, D.C., and needs to gather heaps of customer meter data for billing.

The company was paying third parties for electronic data interchange (EDI) data feeds, and batch-processing billing runs often kept BlueStar workers on the job late into the night. The system, which operated on a Dell server running Windows 2003, was "pushed out to the edge," says Keen, and that restricted the company's ability to expand its customer base.

"The most pressing concern for me was the rigidity of the ColdFusion system," says Morgan. "Our business is in a very fluid regulatory environment. Things change all the time, and our infrastructure has to adapt to those changes. I felt like we were constantly putting a Band-Aid on the problem."

The Open-Source Pitch

Even though Morgan recognized the shortcomings of his ERP system, Keen still had to sell him on the merits of shifting the IT architecture to an open-source approach. "Guy couldn't understand why, if open-source technologies are so good, you could just give it away," says Keen. "He just didn't get it."

To help convince Morgan, Keen had him visit a Web site for SugarCRM, an open-source CRM system that boasts a number of Fortune 2,000 customers.

"The thing that convinced me is that a number of well-established companies were adopting [open-source] technologies early on," says Morgan, noting that open source "started to make sense to me."

Still, Morgan's confidence had its limits. "He trusted what we were doing, but his trust had a rope with a noose on the end of it," says Keen.

In November 2006, Keen and his team began developing a prototype for a new e-commerce and billing engine that would be part of an open-source initiative called NextStar. The system would support BlueStar's customer enrollment, billing, e-commerce, accounting, cash management and other financial operations.

But BlueStar executives wanted more, says Keen. They ordered up a comprehensive system that would enable the company to offer unique services to its customers, such as the ability to analyze their own energy consumption.

Such services are important to smaller retail electricity suppliers, says Zarko Sumic, an analyst at Gartner Inc. "[They] need to develop a portfolio that's equivalent to what the large players have," he explains.

The project team initially focused on identifying and streamlining each of the core business processes that would be handled by the NextStar system, including integration with third-party payment providers, such as PayPal Inc. and Bank of America Corp., and receipt of metered data from Commonwealth Edison Co. and other utilities, says enterprise architect Guillermo Tantachuco. "The key was to think big, start small and show early value," he says.

For Tantachuco, those efforts began on the day he joined the company in July 2006. On that day, Morgan informed Tantachuco and other project team members that they needed to develop a customer enrollment system that would go live by October. The group developed a click-through prototype by mid-September and had the production-ready version completed by the end of the month, Tantachuco says.

Keen, Tantachuco and other members of the initial four-person project team used a variety of open-source and commercial technologies to build out the functionality and support in the NextStar system. Among them were Project Open's project management tools.

But the framework for BlueStar's IT architecture was developed using open-source Java software from SpringSource Inc. The company selected SpringSource's offering based on its cost, platform independence and breadth of enterprise-class features, Tantachuco says. Moreover, the San Mateo, Calif.-based Java vendor had "a road map of where they'd be in three years, and that mapped with our plans."

Guy Morgan, CEO, Bluestar Energy Services

Most of the Java frameworks that BlueStar evaluated didn't meet its selection criteria, which included consistent architecture and design across different layers of systems, flexible and extensible APIs and security across all architecture layers, says Tantachuco.

SpringSource's modular architecture and design has enabled BlueStar's IT staffers to develop systems throughout the company's enterprise architecture, including Web, database, messaging, business process management and supply chain integration systems, says Tantachuco.

To aid in the software development, Morgan authorized the creation of an application development center in Lima, Peru, in January 2007. BlueStar settled on Lima because there's only a one-hour time difference between it and Chicago, the city has a sizable population of IT professionals, and its infrastructure has improved dramatically in recent years, says Selyn Chavez, a systems architect who works in the development center there.

Tom Keen, CIO, Bluestar Energy Services

Keen set an aggressive timeline for the 25-person project team (including the first set of Lima-based developers) to build a new IT infrastructure for the company within a year. The use of the SpringSource framework kept the project moving briskly, since the design of the software enabled the project team members to view each of the system components that their colleagues were working on, says Keen.

But there were difficulties. "Open source always has some thorns in it, but so does commercial software," says Keen. One of the biggest challenges, he says, was simultaneously "rowing, bailing and building the new boat."

The IT organization was faced not only with building a new enterprise platform, but also with maintaining the existing platforms while building a strategic plan to seamlessly migrate to the new system and replace third-party vendors, Keen explains. "Not only did we have to revamp the entire infrastructure, but also revamp all best practices and standard operating procedures," he says. "This required extensive planning, coordination and collaboration with our business team members."

It also required "many early mornings, late evenings, and long weekends, but the results were well worth the time investment," Keen adds.

And that investment ended up being far less than it might have been. Keen says that the aggregate code count for the NextStar system is about 40,000 lines -- a fraction of the 5 million to 6 million lines that one consultant estimated it would take to support BlueStar's business requirements.

Delivering the Goods

BlueStar's investment in open source cost $2.5 million to $3 million, including new Dell servers and the Lima development center, says Keen.

Pinpointing the return on investment is difficult, because there are many intangibles, says Morgan, but the numbers are overwhelmingly positive. For example, he says, "if you look at our revenue growth from 2002 to 2007 [from $2.4 million to $171.1 million], you see a big jump toward the end of that, and a lot of that is attributable to the development of these new systems."

Since Keen and his team delivered the initial version of the NextStar system in February 2007, operators in BlueStar's bill-processing center have been able to obtain customer meter data and generate electronic bills within seven minutes instead of the eight hours it used to take under the batch-processing system, says Keen. Those processes have been streamlined, in part, by eliminating the use of two third-party EDI vendors. By handling those functions in-house, says Keen, the company is saving $100,000 to $150,000 per year.

Have your say

What's your experience with open source?

And by replacing the ERP system and a host of others, Keen expects to save $25 million in software license and maintenance fees over the next five years based on current production loads.

Keen says that though the exact ROI numbers are illusive, the payback from open source is undeniable. "I tried sitting down and putting together an ROI analysis," he says, "and it was surreal."

Hoffman is a former Computerworld national correspondent. You can contact him at tom.hoffman24@gmail.com.

Read the article at COMPUTER WORLD

Six Reasons Why Linux Is Right for Small Business

October 3, 2008
By Aaron Weiss

It seems that every year is supposed to be "the year" for Linux, but nobody ever manages to define what "the year" really means. You can find statistics on Linux adoption from a variety of research firms but all seem skewed to represent whatever agenda that firm is pushing-whether that is Linux adoption rising, falling, or stagnating.

There is no centralized way of counting Linux adoption because so many stories are anecdotal and there are so many channels through which Linux can be taken up. Rather than rely on unreliable statistics to make the point that Linux for small businesses in 2008 is a more viable option than ever, we simply need to look at the continued maturation of SMB-friendly Linux offerings.

Clearing the Fog

One of the murkiest challenges that a small business faces when even considering a Linux-based software environment is seeing through the dense range of distributions that make up the Linux ecosystem. Unlike Windows, which is of course centrally distributed by one vendor in a limited number of versions, there are many dozens of Linux-based operating systems. Most Linux distributions are functionally similar in many ways, but they do differ enough in both interface and included components that organizations investing time, money — or both — need to consider their choice. Beyond functionality, Linux distributions may also differ in available support channels and/or licensing cost.

Yes, cost. Although there is a notion that "Linux" equates to "free" this is not always the case. Many Linux distributions are indeed free, but commercial solutions such as Red Hat Enterprise Linux and Novell SUSE come with a price tag. For that investment, though, you typically receive additional software with specialized functionality as well as installation and ongoing support that you might otherwise need to contract from a third-party. Shortly, we'll look at these options in more detail.

Adding to the potentially confusing cost issue is this scenario: many major Linux distributions are available in both a fee-based commercial and a free "community" or "open" version. Generally speaking, the commercial version of a Linux distribution will include the most stable (but not necessarily newest) software packages, may include extra open source or proprietary software, and will include a support contract.

Community distributions, which can be downloaded for free, offer much of the same functionality, but may include newer and less well tested versions of software packages, lack proprietary or closed source enhancements for enterprise or multimedia, and support amounts to "you're on your own." Or, if not on your own, reliant upon volunteer support from the Linux community.

Desktop and Server

When people speak of Linux they often make a distinction between desktop and server deployments. Indeed, Linux has long been a mature presence on servers, first on the Internet, and in recent years powering corporate and intranet environments. It has taken longer for Linux to mature on the desktop, where most users have become accustomed to the Windows experience. Another factor is that Linux has been dogged by a reputation for an unfriendly interface.

Related Articles

The truth is, Linux on the desktop is now mature, and for most users, any of the Linux distributions we look at for small businesses would require very little adaptation. Plus, desktop Linux users are protected from the malware threats that proliferate on Windows machines. The main limitation that remains for Linux on the desktop is application availability. For a small business that relies on particular applications that are available only for Windows-such as Quicken or Outlook-it may be more difficult to justify a Linux-based desktop.

Some commercial Linux distributions are licensed in either server or desktop versions. Typically, you can use a server version as a desktop, although it may not include as many client applications, and the vendor may not support client applications you add. Likewise, many desktop distributions also include server software, particularly for common server functions such as file sharing, databases, and Web applications. In other words, the boundaries between server and desktop Linux can be blurry, and may be defined more by licensing fees and support terms than significant technical differences.

The Linux Six: Top Solutions for Small Business

When you boil down the myriad choices in Linux land, six distributions stand out as the most attractive for the small business whether you are looking at desktop or server solutions.

Red Hat Enterprise Linux 5
Despite having "enterprise" in its name, RHEL is popular with many small- and mid-sized businesses, as well. Red Hat is perhaps the most established name among commercial Linux vendors, having been founded in 1995.

For server use, RHEL supports a wide range of processing platforms from single CPU machines to SMP and clustered configurations. Network storage is available with support for protocols like Autofs, FS-Cache and iSCSI. And Microsoft integration is enhanced with ActiveDirectory support and Microsoft file and printer sharing.

In a desktop environment, RHEL uses Gnome, an interface that is easy to learn for both Windows and Mac users. RHEL 5's most significant new feature is its integration with Xen virtualization, meaning that it includes out-of-the-box support for running virtualized OS environments, which may include additional or earlier Red Hat releases, other Linux distributions, or even Windows.

Because the components in this commercial Linux distribution are well-tested, RHEL is certified for 600 hardware configurations, and can run over 1000 certified applications. A Basic license costs $349 per year and includes Web-based support, while a $799 Standard license buys 12x5 phone support.

Fedora 9
In addition to their Enterprise Linux release, Red Hat also sponsors Fedora, the community edition oriented toward developers and enthusiasts. Fedora contains many of the same components as RHEL 5, but you can download and install it for free — no licenses to buy.

Unlike RHEL, Fedora is developed on a more rapid timeline — six-month releases versus eighteen-month releases for RHEL. This means that the software versions of Fedora components have had less time to be tested. The idea is that Fedora is a test bed for software that may eventually find its way into RHEL, should it prove useful and stable enough. Likewise, Red Hat provides no formal support for Fedora, although there are thriving Web communities you can use as a resource.

For a particular small business, there is not necessarily one right choice between RHEL and Fedora. As a general guide, a very small business with technical aptitude but a limited budget might be drawn toward Fedora, while a larger small business with a more complex operation could benefit from the proven stability and support behind RHEL.

Novell SUSE Linux 10
Red Hat's biggest competitor is Novell SUSE, a commercial/community Linux distribution that is developed according to the same model as RHEL/Fedora. Also like RHEL, SUSE is divided into a server and a desktop product, known as SLES (SUSE Linux Enterprise Server) and SLED (SUSE Linux Enterprise Desktop). Again, the server product does include a desktop environment and can be used that way, although it includes fewer client applications than the full-blown SLED.

For most practical purposes, SLES and RHEL provide very similar feature sets. SLES includes Novell's AppArmor security (application-specific permissions) and their highly praised YaST tool, a kind of all-in-one system control panel and installed software manager. Like RHEL, SLES includes integrated virtualization using Xen. On the desktop, SLED includes both Gnome and KDE interfaces. While Gnome is typically considered more accessible for the average user or Windows refugee, KDE is considered by many to be a more powerful desktop and is often preferred by enthusiasts.

To drive home the point of how closely matched these two Linux giants are, the entry-level licenses for SUSE are priced at $349/year and $799/year — exactly the same as RHEL, with equivalent support terms.

OpenSUSE 11
Whereas RHEL has its free Fedora counterpart, SUSE has OpenSUSE. The model here is the same — OpenSUSE is a Novell-sponsored community distribution. Like Fedora, it is released on a much faster cycle than its commercial counterpart, and therefore contains "bleeding edge" software that provides the latest features at the possible cost of less testing for stability and compatibility.

For example, SLED includes KDE version 3.3, an older but mature desktop. OpenSUSE includes KDE 4, a major upgrade with a much "sexier" desktop environment. But KDE 4 is still under active development and, while it will "mostly" work, issues may arise and there is no formal support to rely on.

CentOS 5
In the remix culture of Linux, there is another twist on the commercial vs. community paradigm: the "rebuild." In this case, a third-party collects the open source software that makes up a more well-known Linux distribution, like Red Hat Enterprise Linux, and re-packages it into a separate distribution.

Put another way, a rebuild is often like a clone, and in the open source software world is perfectly legal. CentOS ("Community ENTerprise Operating System") is just such a rebuild, a re-packaging of RHEL 5. Of course, while Red Hat provides formal support through license fees for RHEL 5, no such support is offered for CentOS.

In that case, how is CentOS different from Fedora? Because CentOS does not contain the "bleeding edge" components of Fedora, but the stable and well-tested components in RHEL 5. If you're new to open source, all this might sound a little shady, but in fact CentOS is one of the more popular Linux distributions. For the small business, CentOS offers a budget-conscious alternative to the stability risks of Fedora without paying for the formal support of RHEL 5.

Ubuntu 8.04
Some may raise an eyebrow at seeing Ubuntu listed among business-oriented Linux platforms. By its own design, Ubuntu &# 151a South African concept for "being human" — has been developed as an accessible, end-user-friendly Linux known for being warm and fuzzy.

Indeed, Ubuntu has developed a reputation not unlike the Mac. It is adored by desktop users, but without a strong presence in server racks. The reality, however, is somewhat different. Ubuntu (and Macs) do have a place on the server, although not so often seen in large scale enterprise back-ends.

For the small business, the Ubuntu Linux offers several attractive benefits. One, it is free to download and use in any scenario you want. You can optionally pay for a support subscription ($250 desktop/$750 server, annually). Unlike Red Hat and SUSE, foregoing paid support does not mean having to use a separate community edition with different software versions. With Ubuntu, you are always using the vendor-sponsored-and-tested platform.

Because Ubuntu provides a very strong desktop experience with support for a wide range of consumer hardware, it is easy to deploy in a variety of environments. At the same time, many small businesses will be adequately served by Ubuntu's typical range of server software, from Windows-compatible file and print sharing to Web serving and database support. More ambitious server packages can be installed in Ubuntu, although it may take a little more work on your end compared to turnkey enterprise distributions.

Related Articles

• Zen and the Art of the Six-Figure Linux Job

• Linux Distro to Newbies: Adapt or Leave!

• Gentoo Linux Cancels Distribution

• Linux and the Enterprise Desktop, Revisited

• Linux Promotion in Mall Kiosks

• Microsoft, Novell Expand Linux Virtualization

Finally, Ubuntu is particularly well-supported by its user community. Even without paid support, answers to almost every conceivable issue are available at Ubuntu Web forums, which are often oriented toward the non-expert Linux user.

In short, would Ubuntu Linux be the top choice for an enterprise running a 2,000 CPU production backend? Probably not. But for a small business with modest needs, Ubuntu can be a free, friendly, minimum-fuss solution.

Plenty of Fish in the Sea

These six Linux distributions are just the tip of the iceberg because Linux is a deep and vast ocean. In practice, though, the majority of Linux deployments, particularly in business environments, involve one of these six platforms because they address the major mix of needs between form, function and pricing. Linux is all about choice, which also means you have the choice whether to explore Linux distributions in more depth — or not.

Aaron Weiss a technology writer, screenwriter and Web development consultant who spends his free time stacking wood for the winter in Upstate New York. His Web site is: bordella.com.

This article was first published on SmallBusinessComputing.com.

Tags: virtualization, Microsoft, Linux, open source, Windows

ITMANAGEMENT.EARTHWEB

Microsoft sees 'huge increase' in IE attacks

Thousands of hacked sites, including porn URLs, exploit unpatched IE bug

By Gregg Keizer

December 14, 2008 (Computerworld) Microsoft Corp. warned Saturday of a "huge increase" in attacks exploiting a critical unpatched vulnerability in Internet Explorer (IE) and said some originated from hacked pornography sites.

Other researchers confirmed that attacks were increasingly coming from compromised Web sites.

Microsoft noted the upswing in attacks on its Malware Protection Center blog late Saturday. "The trend for now is going upwards," said researchers Ziv Mador and Tareq Saade on the blog. "We saw a huge increase in the number of reports today compared to yesterday."

Hackers have been exploiting a data binding bug in IE for more than a week, according to researchers who first noted in-the-wild attack code on Chinese servers. The vulnerability, which exists in all versions of the Microsoft browser, including IE5.01, IE6, IE7 and IE8 Beta 2, has so far been exploited only by attack code that targets IE7, the most widely-used edition.

Mador and Saade said that attacks are increasingly being launched from legitimate Web sites. "Some legitimate Web sites were maliciously modified to include the exploits," the two said. A popular Taiwanese search engine and a Hong Kong-based pornography site were among the sites that were hacked, then set up to attack visitors running IE.

Researchers at Trend Micro Inc. also reported a big increase in hacked sites serving exploits aimed at the new IE bug. On Saturday, the security firm estimated that about 6,000 sites have been infected so far, noting that the count was "quickly increasing in number."

As in previous, large-scale attacks based on legitimate Web sites, this one involves hackers who execute SQL injection attacks to first compromise the sites. In a SQL injection attack, hackers exploit vulnerabilities in Web applications that rely on a back-end database, which then gives them a way to add and run malicious code, usually rogue JavaScript, against any browser.

Microsoft acknowledged that attacks have become a significant problem. "Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed to Web sites containing exploits of this latest vulnerability," Mador and Saade said. "That percentage may seem low. However, it still means that a significant number of users have been affected."

The move to legitimate, but hacked, sites is a change in tactics. As recently as Thursday, attacks were coming only from malicious sites, most of them in China. Even then, however, Microsoft had warned that hackers would probably expand the scope of their attacks by compromising valid sites.

In related news, Microsoft said it was working on a patch for IE, although the company has still not said when it would issue the update. Some researchers expect the vendor to release a fix outside its normal monthly schedule; the next security updates aren't due until Jan. 9, 2009.

Microsoft also revised its security advisory for a third time on Saturday, adding more information about the recommended actions users should take until a patch is available. The company has offered up a total of nine different work-arounds for IE users, several of which require editing of the Windows registry, a chore most users assiduously avoid.

DirectX 11 Confirmed For Microsoft Windows 7

German computer magazine PC Games Hardware received information from Ben Basaric, Product Marketing Manager Windows, that Windows 7 will ship with DirectX 11. He also confirmed that DirectX 11 will also be released for Windows Vista with the most likely scenario that DirectX 11 will be shipped as part of Windows Vista Service Pack 2.

Windows7News

Windows 7 News

Senior Vice President Bill Veghte stated that Windows 7 will not have the kind of compatibility issues with Vista that Vista has with previous versions

“You've let us know you don't want to face the kinds of incompatibility challenges with the next version of Windows you might have experienced early with Windows Vista. As a result, our approach with Windows 7 is to build off the same core architecture as Windows Vista so the investments you and our partners have made in Windows Vista will continue to pay off with Windows 7. Our goal is to ensure the migration process from Windows Vista to Windows 7 is straightforward.”

Speaking about Windows 7 on 16 October 2008, Microsoft CEO Steve Ballmer confirmed compatibility between Vista and Windows 7

“Our next release of Windows will be compatible with Vista. The key is let’s get on with it. We’ll be ready when you want to deploy Windows 7.”

Ballmer also confirmed the relationship between Vista and Windows 7, indicating that Windows 7 will be an improved version of Vista

Wikipedia Windows7

Windows XP’s death knell
With the clanging of Windows XP’s death knell ringing loud and clear in the lead up to its June 30 cutoff, Microsoft today has released the final Windows XP Service Pack to computer builders and volume licensing customers. ItNews

News Update! 10,000 sites were compromised
Hot on the heels of a recent hack in which 10,000 sites were compromised, researchers have disclosed a new large-scale attack. Researchers at McAfee estimated that the attack has been active for roughly one week, and in that time frame has managed to place itself on roughly 200,000 web pages.ItNews

Apple’s top iPod gun to depart; Papermaster in; Jobs succession gets murkier Posted by Larry Dignan @ 6:30 am
Tony Fadell, the senior vice president in charge of Apple’s iPod division, is leaving the company to be replaced by Mark Papermaster, a former Big Blue executive who is being sued by IBM over a non-compete clause. The move (statement), first reported by the Wall Street Journal, marks the departure of one of the executives behind Apple’s transformation into an entertainment and mobile handset company. Fadell had his fingerprints on two of Apple’s big hits: The iPod and the iPhone. You could argue that those two products transformed Apple into what it is today.Zdnet.com

Terry McCrann November 01, 2008 12:00am
RUPERT Murdoch is clearly captivated by that strange beast Google, which emerged from a garage in suburban Menlo Park in California to in barely half-a-dozen years colonise just about every computer screen in the world. He sees it as bringing down the Microsoft monolith, which has ruled the computer world so completely and so ruthlessly for so many years. Does Microsoft face competition, I ask? Absolutely! he responds with emphasis. Microsoft's dominance has gone. Google is the dominant player today, he thunders. Herald Sun

News Update!
OpenOffice.org 3.0 is available now ! Following three years of continuous improvement, OpenOffice.org has now reached the landmark version 3.0, with a host of new features including native support for Mac OS X users. Head to OpenOffice Download to download the en-US version.

News Linux captures the 'green' flag
Linux beats Windows 2008 power-saving measures Independent tests show that Red Hat Linux pulls as much as 12% less power than Windows 2008 on identical hardware By Tom Henderson and Rand Dvorak, Network World Lab Alliance , Network World , 06/09/2008 Networkworld

Better late then never,

or maybe not!

"Virgin Blue pursues $20 million in compensation for business loses in check-in crash."

Virgin Blue will seek to recover $20 million lost when it's reservation system crashed last month.

The carrier is expected to demand compensation from Navitaire the company which supplies the NewSkies system which failed on September 26 2010.

Apparently another carrier Ryan air had experienced similar problems in the preceding weeks so Navitaire should have been especially alert to possibility of systems issues with Virgin Blue.

Virgin in this situation are probably in a bind that smaller organisations don't have to face. That is they are locked into a proprietary IT solution because of their need to collaborate with other industry players. This mean that Virgin probably cannot change IT suppliers even if they wanted to.

To an outsider the performance of Navitaire in this situation has been outstanding. When most businesses expect an up-time of 99.99% which means a downtime of around one hour a year and some businesses demanding up-time of 99.999 or about six minuets a year, it is hard to understand how an Navitaire could let their customer suffer an outage of days.

Virgin Blue do not see this situation as causing long term damage to their company. How would your business be perceived if you suffered a similar outage. The concept of disaster recover somehow does not seem to have permeated the people at Virgin Blue or Navitaire and they both should share some responsibility for this. If organisations don't ensure that their IT providers have sufficient disaster recovery for them, the they must share some of the responsibility when disasters happens.

Something else for a change

"Ninety-five percent of the world's computers run Windows," Ballmer proudly told an audience of students at Sweden's Royal Institute of Technology on Monday. "They don't run Mac, they don't run Linux."

Microsoft is also very good at suggesting that Windows malware is an industry problem rather than one that's a direct result of its own lax security.

The fact is, there are few users in this world who choose Windows because it's irresistibly good. Rather, most use it because of inertia, pure and simple. For that inertia, however, everyone pays a price--especially organizations. Here's why Windows is undeniably bad for business.

1. It's a Monoculture

If Steve is to be believed, 95 percent of the world's desktop computers run Windows. That, in biological terms, is what we call a "monoculture," meaning that there is an overwhelming predominance of one particular species.

Such a condition is generally toxic in biology--introduce a single pathogen known to affect the leading species, and you wipe out them all!--and so it is, too, in the world of computers. What could make life easier for a malicious hacker than knowing she'll hit the majority of the world's computers with a single worm?

Linux, by contrast, offers considerable strength in its diversity. Not only are there myriad distributions of Linux, but there are also multiple shells, packaging systems, mail clients and even underlying architectures in use, making it much harder for malware to hit more than a small proportion. Sorry, bad hackers!

2. Permissions

It's inevitable that human computer users are going to forget what they should do, or maybe even deliberately ignore the "should" in favor of what they want right now--like porn, pictures of cute kittens, or whatever.

On Linux, that's OK, because their computer accounts are looking out for them. Even if they slip and click on that malicious link, the most any malware can do is trash their individual computer and files.

Windows? Well, the picture's not so rosy. In fact, Windows users are pretty much given administrator access by default. So, a momentary human weakness can lead to widespread devastation starting with a single computer.

Microsoft's proposal about isolating affected computers is like closing the barn door after the horses have escaped. Hint: It's before they go that you need to do that, Microsoft--like when you're establishing permissions to begin with.

3. Closed Code

No one but Microsoft developers can see Windows code. Some may argue that that makes it more secure--the bad guys can't see it, right?

Wrong. It's a proven fact that open code improves security by enabling the countless good guys around the globe to inspect it, test it, and fix it as necessary. There is no such thing as security by obscurity.

4. Reliability

How many weeks go by without any unplanned downtime, Windows user? None, you say? And how about you, Linux user: What's unplanned downtime, you ask?

That's right. Whether it's due to malware or something else, Windows computers involve a lot of downtime. Linux computers don't. For business users, in particular, that's plain and simple.

5. Price

Finally, Windows may not seem like it costs anything, since it comes bundled on most PCs for sale today. But honestly, do you think Microsoft is a not-for-profit organization? You'd better believe that price is factored in, and you've already paid it.

With Linux, not only do you not have to pay for your operating system--though you can, if you want extra support--but you also don't have to keep upgrading your hardware to keep up with the exorbitant resources Windows demands. Free doesn't mean worthless--it just means without cost.

None of this is to say that Linux, or any other operating system, is perfect. The difference, though, is that no other operating system has created a monoculture and then tried to lay the responsibility for security on the industry as a whole the way Windows has.

It's not computer security that's a problem for business--it's Windows. Try something else and you may like what you find.

Follow Katherine Noyes on Twitter: @Noyesk.

go to the original document at: www.pcworld.com